GRC: The Cornerstone Of High-Performing Finance

CFOs today must think strategically. They must innovate. And they must work side-by-side with their fellow executives to keep their organization thriving in the face of new digital competition.

Yet despite this ever-expanding mandate, one responsibility remains a sacred trust for the finance function: a major stake in governance, risk, and compliance (GRC). Although the size of that stake varies by industry and company, more than two-thirds of finance executives consider optimizing risk and compliance management a top business goal, according to new research from Oxford Economic and SAP. In fact, 97% of the 1,500 finance executives we surveyed said finance has strong decision-making authority over risk monitoring and assessment at their company, and 93% said the same about ensuring compliance and enforcing policies.

It makes eminent sense that risk management should be foundational to finance. After all, what’s the point of investing resources to grow a business if at any moment an adverse event – whether internal or external – could wipe out your balance sheet or market cap? The CFOs we interviewed confirmed that when they report to the board of directors, GRC often takes center stage. “Enterprise risk management is first and foremost in their minds,” says Brian Stief, CFO of multinational Johnson Controls.

Finance leaders view risks more clearly

For this reason, a strong relationship between the finance function and GRC is a criterion for what we call “Finance Leadership” – a set of six finance practices that boost performance across the enterprise. For example, we found that finance leaders were almost twice as likely as non-leaders to report rising market share over the past year, and much less likely to struggle with cost control. It’s no coincidence that more than half of finance leaders described risk and compliance management at their organization as “very effective,” compared with only 38% of non-leaders. These companies encourage collaboration between their finance and GRC functions by ensuring that they can easily share standardized data and reporting, and that their business systems are integrated so they can communicate with each other.

Finance leaders also appear to have a clearer understanding of an increasingly widespread risk: cybercrime. As global ransomware attacks proliferate and data hacks threaten organizations of all types, cyber-risk management becomes a critical defense. Yet alarmingly, only 56% of our survey respondents named cybersecurity a top business risk facing their company in the next two years – suggesting a potential risk-management blind spot. Among finance leaders, awareness of cyber risk climbs significantly: Two-thirds cite it as a top risk to watch over the next two years.

To read the full study and learn about other ways finance leaders stay ahead of the pack, please click here.

Sharelines

The Digitalist Magazine is your online destination for everything you need to know to lead your enterprise’s digital transformation.

Read the Digitalist Magazine and get the latest insights about the digital economy that you can capitalize on today.

About Joan Warner

Joan Warner is managing editor and senior analyst for Financial Services at Oxford Economics. Joanie joined Oxford in February 2016 from The Financial Times, where she managed subsidiary publications covering the wealth management industry and corporate governance. Prior to that, she covered international finance and European business for BusinessWeek magazine, where she worked for nearly 20 years. Joanie was also a contributing editor at Institutional Investor and has written and edited reports for Morgan Stanley, McKinsey, PwC, and former hedge fund FrontPoint Partners. She holds an MA in Comparative Literature and a BA in Classics, both from Harvard University.